.\"	$OpenBSD: spamdb.8,v 1.15 2007/05/31 19:20:29 jmc Exp $
.\"
.\" Copyright (c) 2004 Bob Beck.  All rights reserved.
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd September 11, 2007
.Dt SPAMDB 8
.Os
.Sh NAME
.Nm spamdb
.Nd spamd database tool
.Sh SYNOPSIS
.Nm spamdb
.Oo Fl D Oc
.Op Fl Y Ar synctarget
.Op Fl W Ar whiteexp
.Oo Oo Fl Tt Oc
.Fl a Ar keys Oc
.Oo Oo Fl Tt Oc
.Fl d Ar keys Oc
.Sh DESCRIPTION
.Nm
manipulates the spamd database in
.Pa /var/db/spamd
used for
.Xr spamd 8 .
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl D
debug mode
.It Fl Y Ar synctarget
Add a target to receive synchronisation messages; see
.Sx SYNCHRONISATION
below.
This option can be specified multiple times.
.It Fl W Ar whiteexp
Adjust the time for whiteexp in hours (default is 864
hours, approximately 36 days. Min is 1 hour, max is 2160
hours approximately 90 days).
.It Fl a Ar keys
Add or update the entries for
.Ar keys .
This can be used to whitelist one or more IP addresses
(i.e. circumvent the greylisting process altogether)
by adding all IP addresses as keys to the spamd database for WHITE entries.
If any
.Ar keys
specified match entries already in the spamd database,
.Nm
updates the entry's time last seen to now.
.It Fl d Ar keys
Delete entries for
.Ar keys .
.It Fl T
Add or delete the keys as SPAMTRAP entries.
See the
.Sx GREYTRAPPING
section of
.Xr spamd 8
for more information.
Must be used in conjunction with the
.Fl a
or
.Fl d
option.
.It Fl t
Add or delete the keys as TRAPPED entries.
See the
.Sx GREYTRAPPING
section of
.Xr spamd 8
for more information.
Must be used in conjunction with the
.Fl a
or
.Fl d
option.
.El
.Pp
If adding or deleting a SPAMTRAP address
.Pq Fl T ,
.Ar keys
should be specified as email addresses:
.Pp
.Dl spamtrap@mydomain.org
.Pp
Otherwise
.Ar keys
must be numerical IP addresses.
.Ss DATABASE OUTPUT FORMAT
If invoked without any arguments,
.Nm
lists the contents of the database in a text format.
For SPAMTRAP entries the format is:
.Pp
.Dl type|mailaddress
.Pp
where
.Em type
will be SPAMTRAP and
.Em mailaddress
will be the email address for which any connections received by
.Xr spamd 8
will be blacklisted if mail is sent to this address.
.Pp
For TRAPPED entries the format is:
.Pp
.Dl type|ip|expire
.Pp
where
.Em type
will be TRAPPED,
.Em IP
will be the IP address blacklisted due to hitting a spamtrap, and
.Em expire
will be when the IP is due to be removed from the blacklist.
.Pp
For GREY entries, the format is:
.Pp
.Dl type|source IP|helo|from|to|first|pass|expire|block|pass
.Pp
For WHITE entries, the format is:
.Pp
.Dl type|source IP|||first|pass|expire|block|pass
.Pp
The fields are as follows:
.Pp
.Bl -tag -width "source IP" -offset indent -compact
.It type
.Em WHITE
if whitelisted or
.Em GREY
if greylisted
.It source IP
IP address the connection originated from
.It helo
what the connecting host sent as identification in the HELO/EHLO command in the
SMTP dialogue
.It from
envelope-from address for
.Em GREY
(empty for
.Em WHITE
entries)
.It to
envelope-to address for
.Em GREY
(empty for
.Em WHITE
entries)
.It first
time the entry was first seen
.It pass
time the entry passed from being
.Em GREY
to being
.Em WHITE
.It expire
time the entry will expire and be removed from the database
.It block
number of times a corresponding connection received a temporary
failure from
.Xr spamd 8
.It pass
number of times a corresponding connection has been seen to pass
to the real MTA by
.Xr spamlogd 8
.El
.Pp
Note that times are in seconds since the Epoch, in the manner returned by
.Xr time 3 .
Times may be converted to human readable format using:
.Pp
.Dl $ date -r <value>
.Pp
.Sh SYNCHRONISATION
.Nm
supports realtime synchronisation of white or blacklist entries between
a number of
.Xr spamd 8
daemons running on multiple machines,
using the
.Fl Y
option.
.Pp
The following example will send a unicast synchronisation messages.
.Bd -literal -offset indent
.Em whitelisting
# /usr/local/sbin/spamdb -Y foo.example.org -a 1.2.3.4 2.3.4.5
# /usr/local/sbin/spamdb -Y foo.example.org -Y bar.example.org -a 1.2.3.4
.Pp
.Em blacklisting
# /usr/local/sbin/spamdb -Y foo.example.org -ta 1.2.3.4 2.3.4.5
.Ed
.Pp
The IP send to peers is logged via
.Xr syslogd 8
at
.Dv LOG_INFO
level.
The following
.Xr syslog.conf 5
section can be used to log connection details to a dedicated file:
.Bd -literal -offset indent
!spamdb
daemon.info			/var/log/spamdb
.Ed
.Sh FILES
/var/db/spamd
.Pp
/usr/local/etc/spamd/spamd.key
.Sh SEE ALSO
.Xr spamd.conf 5 ,
.Xr spamd 8 ,
.Xr spamd-setup 8 ,
.Xr spamlogd 8
.Sh HISTORY
The
.Nm
command
appeared in
.Ox 3.5 .
